LinuxQuestions.org
01-26-2004, 06:12 AM   #1
slacquer
Problem with Arno's IPTables ruleset?


I just installed Slackware 9.1. First order of business was to get the firewall up so that I could get online. I found a ruleset written by someone named Arno at simplylinux dot punted dot net. (It's my first post. Evidently I'm not allowed to use URLs until the fifth post. Anywho...) Apparently, it's reasonably widely used.

It looks pretty comprehensive, although I haven't had the chance to go over the rules in detail, but I did notice one problem that I thought should be pointed out. The first rule in the INPUT chain is supposed to accept all packets originating from the loopback interface. It comes from the following line in the rc.iptables script:

$IPTABLES -A INPUT -i lo -j ACCEPT

However, apparently my system didn't recognize "lo" (I'm guessing), and the first rule in my INPUT chain ended up accepting all packets from all sources regardless of protocol. Not much of a firewall, that. Once I changed the rule to read

$IPTABLES -A INPUT -s 127.0.0.1 -j ACCEPT

it worked as expected.
 
01-26-2004, 09:06 AM   #2
peter_robb
Actually, that rule means ACCEPT everything coming in on lo interface, regardless of where it came from...

So, yes it's an open ACCEPT...

It should read: $IPTABLES -A INPUT -i lo -s 127.0.0.0/8 -j ACCEPT
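
Added example, not part of either post above: `iptables -L` without `-v` does not print the interface column, so a rule bound to `lo` and a completely unqualified ACCEPT look identical in that listing. The script below instead reads `iptables-save` format, where the `-i` match is visible, and classifies the three rule forms quoted in this thread alongside a truly open rule. The sample ruleset is constructed, and the class labels are this example's own.

```shell
#!/bin/sh
# Added example: classify INPUT-chain ACCEPT rules given in iptables-save format.
# Class names (OPEN, IFACE-ONLY, ...) are labels made up for this example.

classify_input_accepts() {
    while IFS= read -r rule; do
        case "$rule" in
            "-A INPUT "*"-j ACCEPT"*) ;;   # only INPUT rules that ACCEPT
            *) continue ;;
        esac
        has_if=no; has_src=no; has_other=no
        set -f; set -- $rule; set +f       # split the rule into words, no globbing
        while [ $# -gt 0 ]; do
            case "$1" in
                -i|--in-interface) has_if=yes ;;
                -s|--source)       has_src=yes ;;
                -p|--protocol|-d|--destination|-m|--match) has_other=yes ;;
            esac
            shift
        done
        case "$has_if/$has_src/$has_other" in
            no/no/no)   class=OPEN ;;        # matches every packet on every interface
            yes/no/no)  class=IFACE-ONLY ;;  # bound to an interface, any source address
            no/yes/no)  class=SRC-ONLY ;;    # bound to a source address, any interface
            yes/yes/no) class=IFACE+SRC ;;   # bound to both
            *)          class=OTHER-MATCH ;; # narrowed by protocol/destination/module
        esac
        printf '%s: %s\n' "$class" "$rule"
    done
}

# Constructed sample in iptables-save layout (not captured from a real host).
sample_rules() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -s 127.0.0.1/32 -j ACCEPT
-A INPUT -s 127.0.0.0/8 -i lo -j ACCEPT
-A INPUT -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A FORWARD -j ACCEPT
COMMIT
EOF
}

sample_rules | classify_input_accepts
```

On a live host the same function can be fed from `iptables-save`; only rules reported as OPEN accept traffic with no restriction at all.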
 
  


All times are GMT -5.
